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CLAIMS: 

What is claimed: 

5 1 . A method for communicating on a network between a 

first data processing system and a second data processing 
system, the method comprising the computer- implemented 
steps of: 

transmitting data packets on the network from the 
10 first data processing system to the second data 

processing system using a virtual private network (VPN) ; 
and 

automatically reconfiguring the VPN to use alternate 
addresses on the network for the first data processing 
15 system and the second data processing system. 

2 . The method of claim 1 wherein the step of 
transmitting data packets on the network further 
comprises: 

20 transmitting data packets through a first VPN tunnel 

between the first data processing system and the second 
data processing system, wherein a first end of the first 
VPN tunnel is terminated by the first data processing 
system using a first network address and a second end of 

25 the first VPN tunnel is terminated by the second data 
processing system using a second network address. 

3 . The method of claim 2 wherein the step of 
automatically reconfiguring the VPN further comprises: 

30 automatically determining, in accordance with a 

predetermined algorithm, a third network address for the 
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first data processing system and a fourth network address 
for the second data processing system; and 

automatically assigning the third network address to 
the first data processing system and the fourth network 
5 address to the second data processing system. 

4 . The method of claim 3 wherein the predetermined 
algorithm is a function which maps a network address to 
another network address . 

10 

5. The method of claim 4 wherein the first network 
address and the third network address are members of a 
first predetermined set of network addresses. 

15 6. The method of claim 3 further comprising: 

transmitting data packets through a second VPN 
tunnel between the first data processing system and the 
second data processing system, wherein a first end of the 
second VPN tunnel is terminated by the first data 

20 processing system using the third network address and a 
second end of the second VPN tunnel is terminated by the 
second data processing system using the fourth network 
address . 

25 7 . The method of claim 1 wherein the data packets are 
transmitted using Internet Protocol (IP) . 

8. The method of claim 1 wherein the network comprises 
the Internet . 

30 

9 . The method of claim 1 wherein the first data 
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processing system is a secure gateway for connecting the 
network to another network. 

10. A distributed data processing system for 

5 communicating on a network, the distributed data 
processing system comprising: 

transmitting means for transmitting data packets on 
the network from a first data processing system to a 
second data processing system using a virtual private 
10 network (VPN) ; and 

reconfiguring means for automatically reconfiguring 
the VPN to use alternate addresses on the network for the 
first data processing system and the second data 
processing system. 

15 

11. The distributed data processing system of claim 10 
wherein the transmitting means further comprises: 

first sending means for sending data packets through 
a first VPN tunnel between the first data processing 

20 system and the second data processing system, wherein a 
first end of the first VPN tunnel is terminated by the 
first data processing system using a first network 
address and a second end of the first VPN tunnel is 
terminated by the second data processing system using a 

25 second network address. 

12. The distributed data processing system of claim 11 
wherein the reconfiguring means further comprises: 

determining means for automatically determining, in 
30 accordance with a predetermined algorithm, a third 

network address for the first data processing system and 
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a fourth network address for the second data processing 
system; and 

assigning means for automatically assigning the 
third network address to the first data processing system 
5 and the fourth network address to the second data 
processing system. 

13. The distributed data processing system of claim 12 
wherein the predetermined algorithm is a function which 

10 maps a network address to another network address. 

14. The distributed data processing system of claim 13 
wherein the first network address and the third network 
address are members of a first predetermined set of 

15 network addresses. 

15. The distributed data processing system of claim 12 
wherein the transmitting means further comprises: 

second sending means for sending data packets 
20 through a second VPN tunnel between the first data 

processing system and the second data processing system, 
wherein a first end of the second VPN tunnel is 
terminated by the first data processing system using the 
third network address and a second end of the second VPN 
25 tunnel is terminated by the second data processing system 
using the fourth network address. 

16. The distributed data processing system of claim 10 
wherein the data packets are transmitted using Internet 

30 Protocol (IP). 
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17. The distributed data processing system of claim 10 
wherein the network comprises the Internet. 

18. The distributed data processing system of claim 10 
5 wherein the first data processing system is a secure 

gateway for connecting the network to another network. 

19. A computer program product on a computer-readable 
medium for use in a data processing system for 

10 communicating on a network, the computer program product 
comprising: 

instructions for transmitting data packets on the 
network from a first data processing system to a second 
data processing system using a virtual private network 
15 (VPN) ; and 

instructions for automatically reconfiguring the VPN 
to use alternate addresses on the network for the first 
data processing system and the second data processing 
system. 

20 

20. The distributed data processing system of claim 19 
wherein the first data processing system is a secure 
gateway for connecting the network to the Internet . 



